Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3B_NhmENjEZ2Eyy8c5f1SrB-gmk.roa
File: 3B_NhmENjEZ2Eyy8c5f1SrB-gmk.roa (raw, json)
Hash identifier: 6fa187XSgCfDLqrMdsHzAA9UFhc9b2WbvhWSj1DURkY=
Subject key identifier: DC:1F:CD:86:61:0D:8C:46:76:13:2C:BC:73:97:F5:4A:B0:7E:82:69
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C44AFF2
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3B_NhmENjEZ2Eyy8c5f1SrB-gmk.roa
Signing time: Tue 01 Mar 2022 14:12:54 +0000
ROA not before: Tue 01 Mar 2022 14:12:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
194.33.64.0/23 maxlen: 23
91.246.192.0/22 maxlen: 24
176.113.180.0/22 maxlen: 22
91.246.203.0/24 maxlen: 24
176.118.204.0/23 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
192.162.184.0/23 maxlen: 23
37.97.120.0/24 maxlen: 24
37.97.121.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
91.237.92.0/24 maxlen: 24
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.229.18.0/23 maxlen: 23
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.239.220.0/22 maxlen: 22
91.224.212.0/24 maxlen: 24
93.120.8.0/23 maxlen: 23
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474263538 (0x1c44aff2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Mar 1 14:12:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc1fcd86610d8c4676132cbc7397f54ab07e8269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d9:6e:7f:b7:4b:5b:a7:5d:6e:91:57:44:c6:
cb:b7:5c:fd:23:6d:49:66:c8:7f:df:94:a9:0c:12:
b5:5f:93:d4:60:16:e5:e5:53:46:e3:05:11:66:53:
ad:4a:67:a5:73:e0:82:59:92:6d:07:ea:9c:ac:6f:
b5:bd:76:31:4e:14:68:65:26:6a:ed:de:86:5b:25:
0f:05:f2:f8:67:0f:3a:29:a0:f9:bc:80:24:21:92:
87:6d:54:5f:ca:72:5c:78:6e:e8:ec:8e:66:6f:76:
6c:18:40:66:27:dc:c4:a4:6d:f2:2a:eb:01:2e:18:
af:18:9e:be:15:85:7a:94:43:3d:e6:53:6b:7a:d2:
01:a5:d3:73:5d:61:03:ec:56:7b:14:c4:94:10:45:
57:b6:f7:86:5a:50:2c:d3:e7:30:33:a5:06:a9:63:
9c:3d:be:99:39:f7:fb:10:5d:3f:78:67:ec:54:e0:
b7:40:35:ea:d7:ab:da:93:15:8f:b3:53:f6:f2:50:
e2:f5:40:b7:39:6d:49:2a:c5:ec:bb:c4:f8:50:7c:
0e:1d:b3:e1:11:fa:7b:b5:d5:59:6e:79:d5:c9:34:
3d:d4:18:6f:71:cb:c7:1e:8e:c9:dc:81:70:33:f5:
13:ef:aa:d6:5e:fd:5b:4e:fd:5c:a9:7c:4a:0f:bb:
63:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:1F:CD:86:61:0D:8C:46:76:13:2C:BC:73:97:F5:4A:B0:7E:82:69
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3B_NhmENjEZ2Eyy8c5f1SrB-gmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
64.43.120.0/22
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.229.18.0/23
91.232.56.0/23
91.232.226.0/24
91.237.92.0/24
91.238.39.0/24
91.239.220.0/22
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
93.120.8.0/23
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.236.0/24
176.118.204.0/23
176.121.108.0/22
192.162.184.0/23
193.36.203.0/24
194.33.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:c2:13:6e:10:22:5e:c4:27:bd:a2:44:32:5e:b8:01:65:86:
5a:ca:0b:5c:f5:41:ba:94:c1:52:01:2f:81:dd:64:07:f4:ac:
8b:88:89:d2:b8:03:8a:ec:38:4f:ad:45:f2:a9:78:75:cb:5b:
cd:c4:39:2c:ae:2c:a6:a2:d0:cf:8b:2d:8b:29:76:a8:8f:d8:
cf:02:ff:2b:06:b8:2b:aa:49:a1:be:59:6b:84:87:73:85:37:
6a:a8:2e:4c:79:00:be:94:c4:28:ec:92:12:9d:3d:84:f6:94:
38:50:1f:99:6d:b5:e4:d2:67:00:9c:89:1a:87:d5:63:e5:5d:
5c:8e:fb:7c:39:97:64:a2:5f:f0:23:54:86:d1:85:0f:6d:3b:
0a:4b:77:14:76:53:97:20:1b:65:f8:7f:44:24:4e:46:ff:6f:
1d:e3:87:f6:45:86:e6:fd:27:2b:ac:56:78:4f:60:b0:d8:93:
5b:94:df:eb:ef:0d:36:b4:76:01:29:be:db:da:12:b4:f5:10:
2e:e8:9b:ad:b5:59:14:0e:64:e7:ae:95:1e:ff:1d:d3:81:7f:
f2:5a:62:27:c0:96:52:5e:8e:44:f3:87:b2:d5:f2:20:a9:3c:
60:cd:11:b2:86:b2:ab:de:c3:7c:b5:cd:03:bd:d1:dc:97:06:
ea:0d:92:65
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgIEHESv8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDMw
MTE0MTI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMxZmNkODY2MTBk
OGM0Njc2MTMyY2JjNzM5N2Y1NGFiMDdlODI2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLZbn+3S1unXW6RV0TGy7dc/SNtSWbIf9+UqQwStV+T1GAW
5eVTRuMFEWZTrUpnpXPgglmSbQfqnKxvtb12MU4UaGUmau3ehlslDwXy+GcPOimg
+byAJCGSh21UX8pyXHhu6OyOZm92bBhAZifcxKRt8irrAS4YrxievhWFepRDPeZT
a3rSAaXTc11hA+xWexTElBBFV7b3hlpQLNPnMDOlBqljnD2+mTn3+xBdP3hn7FTg
t0A16ter2pMVj7NT9vJQ4vVAtzltSSrF7LvE+FB8Dh2z4RH6e7XVWW551ck0PdQY
b3HLxx6OydyBcDP1E++q1l79W079XKl8Sg+7YzMCAwEAAaOCAtAwggLMMB0GA1Ud
DgQWBBTcH82GYQ2MRnYTLLxzl/VKsH6CaTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
LzNCX05obUVOakVaMkV5eThjNWYxU3JCLWdtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5QYIKwYBBQUHAQcBAf8EgdUwgdIwgc8EAgABMIHIAwQBJWF4AwQCLq34AwQCQCt4
AwQCUaEIAwQCUaEwAwQBW8EeAwQAW8iEAwQBW8iGAwQAW+DUAwQBW+USAwQBW+g4
AwQAW+jiAwQAW+1cAwQAW+4nAwQCW+/cAwQAW+/iAwQCW/bAAwQAW/bLAwQAW/bZ
AwQBXXgIMAwDBABtz4EDBABtz4IDBABtz4QDBACwYF4DBAGwbnADBAKwcbQDBAKw
c+wDBACwdOwDBAGwdswDBAKweWwDBAHAorgDBADBJMsDBALCIUAwDQYJKoZIhvcN
AQELBQADggEBAC3CE24QIl7EJ72iRDJeuAFlhlrKC1z1QbqUwVIBL4HdZAf0rIuI
idK4A4rsOE+tRfKpeHXLW83EOSyuLKai0M+LLYspdqiP2M8C/ysGuCuqSaG+WWuE
h3OFN2qoLkx5AL6UxCjskhKdPYT2lDhQH5ltteTSZwCciRqH1WPlXVyO+3w5l2Si
X/AjVIbRhQ9tOwpLdxR2U5cgG2X4f0QkTkb/bx3jh/ZFhub9JyusVnhPYLDYk1uU
3+vvDTa0dgEpvtvaErT1EC7om621WRQOZOeulR7/HdOBf/JaYifAllJejkTzh7LV
8iCpPGDNEbKGsqvew3y1zQO90dyXBuoNkmU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org